$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1823/X27CblLlO5llCYV-iXGWcdXClXo.roa File: X27CblLlO5llCYV-iXGWcdXClXo.roa (raw, json) Hash identifier: NZV/zk0niMVA3a1jU0+Y4vu5e0xemkCeUutynUuKvHE= Subject key identifier: 5F:6E:C2:6E:52:E5:3B:99:65:09:85:7E:89:71:96:71:D5:C2:95:7A Certificate issuer: /CN=46E7400FC97FC7A2093E054CF0DF42CB77564023 Certificate serial: 06DB Authority key identifier: 46:E7:40:0F:C9:7F:C7:A2:09:3E:05:4C:F0:DF:42:CB:77:56:40:23 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RudAD8l_x6IJPgVM8N9Cy3dWQCM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1823/X27CblLlO5llCYV-iXGWcdXClXo.roa Signing time: Sat 13 Sep 2025 03:07:47 +0000 ROA not before: Sat 13 Sep 2025 03:07:47 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 1449 IP address blocks: 103.59.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1823/RudAD8l_x6IJPgVM8N9Cy3dWQCM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1823/RudAD8l_x6IJPgVM8N9Cy3dWQCM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RudAD8l_x6IJPgVM8N9Cy3dWQCM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 04:07:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1755 (0x6db) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=46E7400FC97FC7A2093E054CF0DF42CB77564023 Validity Not Before: Sep 13 03:07:47 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=5F6EC26E52E53B996509857E89719671D5C2957A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:72:3f:66:8e:2b:06:a5:d0:f3:6e:8d:f0:2c: 67:d3:6a:89:f3:d1:a8:ea:d8:7b:37:e4:c7:d8:9e: 55:b1:8d:a0:5d:b6:19:e5:f6:60:9d:7c:5a:cf:41: b5:f4:27:39:52:60:8b:be:9f:01:d7:ae:f0:b5:ea: 5c:05:9f:dd:1b:26:c4:8e:01:70:ab:38:c9:7a:2c: 47:24:e0:b6:4c:ec:cc:6c:8a:97:cd:ac:56:af:b6: 9b:6e:5f:a1:09:55:6f:4a:f3:17:cc:e3:6a:96:d3: e7:fb:f1:55:b3:fc:6a:59:ee:36:ad:15:1d:eb:64: e9:11:59:fb:99:24:ec:16:bf:15:2a:b7:fb:05:11: 2c:e7:8e:f2:4c:78:bc:3f:75:fa:f8:58:9c:ff:b0: 84:cd:1a:2f:e9:a3:48:ed:2d:07:23:55:79:0a:c5: 63:28:20:17:a8:1f:a9:64:b4:c7:b4:c5:01:c8:23: df:2c:22:6a:69:db:90:fa:7c:6f:f0:99:08:b2:37: bc:29:9e:77:63:95:24:8d:8d:eb:79:0f:79:cb:e6: ef:2f:4f:d6:66:7f:59:cd:c1:67:a9:c5:22:1d:1d: cd:a9:47:8c:cc:19:ab:bd:ac:75:f8:77:00:dd:26: 60:e0:ba:05:21:1c:6d:1b:67:82:74:41:d2:52:a9: be:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:6E:C2:6E:52:E5:3B:99:65:09:85:7E:89:71:96:71:D5:C2:95:7A X509v3 Authority Key Identifier: keyid:46:E7:40:0F:C9:7F:C7:A2:09:3E:05:4C:F0:DF:42:CB:77:56:40:23 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1823/RudAD8l_x6IJPgVM8N9Cy3dWQCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RudAD8l_x6IJPgVM8N9Cy3dWQCM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1823/X27CblLlO5llCYV-iXGWcdXClXo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.59.123.0/24 Signature Algorithm: sha256WithRSAEncryption 41:8b:17:74:c3:9e:eb:37:0d:c0:df:55:95:d5:68:34:45:20: 02:53:c3:6b:9d:4a:b2:2c:11:09:c3:6e:8f:9e:97:19:e0:f6: 31:a3:24:81:c7:2d:af:5e:6d:7f:a6:d9:16:bc:c8:44:78:41: a2:76:31:ae:8e:bb:2c:14:40:62:59:88:23:30:3a:32:14:48: a9:e3:a2:c3:7c:a5:a5:a1:d2:a5:34:33:fd:35:63:34:7b:f8: 50:6e:ab:68:fc:b7:aa:dc:fa:ac:74:cb:bc:90:81:fc:97:7b: 86:44:f8:2f:5e:b0:21:d0:b0:bc:cd:e5:8d:08:3e:0c:a7:9f: db:b6:c4:63:fa:d5:ea:19:d6:8a:0b:11:3d:cd:3d:da:f3:4b: fb:4d:22:d8:5f:6e:84:b6:30:03:43:9c:02:07:97:43:8f:68: 63:9a:32:7b:c3:09:f0:30:56:45:c1:a2:4c:e8:45:e5:99:cf: 07:17:fa:72:b8:0b:fe:42:dc:5c:50:1c:9c:d4:21:a7:a6:02: 52:7a:4a:3f:37:34:64:c4:23:5b:3f:83:58:86:7f:d5:ac:e5: 75:03:19:d4:38:29:c6:ed:f8:5d:18:21:b7:bd:0c:5e:94:d4: 9e:d3:df:44:c7:e2:e9:8f:f1:fc:9e:24:ab:4d:fa:80:94:1d: 1d:0b:11:b1 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBtswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDZF NzQwMEZDOTdGQzdBMjA5M0UwNTRDRjBERjQyQ0I3NzU2NDAyMzAeFw0yNTA5MTMw MzA3NDdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDVGNkVDMjZFNTJFNTNC OTk2NTA5ODU3RTg5NzE5NjcxRDVDMjk1N0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5cj9mjisGpdDzbo3wLGfTaonz0ajq2Hs35MfYnlWxjaBdthnl 9mCdfFrPQbX0JzlSYIu+nwHXrvC16lwFn90bJsSOAXCrOMl6LEck4LZM7MxsipfN rFavtptuX6EJVW9K8xfM42qW0+f78VWz/GpZ7jatFR3rZOkRWfuZJOwWvxUqt/sF ESznjvJMeLw/dfr4WJz/sITNGi/po0jtLQcjVXkKxWMoIBeoH6lktMe0xQHII98s Impp25D6fG/wmQiyN7wpnndjlSSNjet5D3nL5u8vT9Zmf1nNwWepxSIdHc2pR4zM Gau9rHX4dwDdJmDgugUhHG0bZ4J0QdJSqb4pAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUX27CblLlO5llCYV+iXGWcdXClXowHwYDVR0jBBgwFoAURudAD8l/x6IJPgVM 8N9Cy3dWQCMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTgy My9SdWRBRDhsX3g2SUpQZ1ZNOE45Q3kzZFdRQ00uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1J1ZEFEOGxfeDZJSlBnVk04TjlDeTNkV1FDTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE4MjMvWDI3Q2JsTGxPNWxs Q1lWLWlYR1djZFhDbFhvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGc7ezANBgkqhkiG9w0BAQsFAAOCAQEAQYsXdMOe6zcNwN9VldVoNEUgAlPD a51KsiwRCcNuj56XGeD2MaMkgcctr15tf6bZFrzIRHhBonYxro67LBRAYlmIIzA6 MhRIqeOiw3ylpaHSpTQz/TVjNHv4UG6raPy3qtz6rHTLvJCB/Jd7hkT4L16wIdCw vM3ljQg+DKef27bEY/rV6hnWigsRPc092vNL+00i2F9uhLYwA0OcAgeXQ49oY5oy e8MJ8DBWRcGiTOhF5ZnPBxf6crgL/kLcXFAcnNQhp6YCUnpKPzc0ZMQjWz+DWIZ/ 1azldQMZ1Dgpxu34XRght70MXpTUntPfRMfi6Y/x/J4kq036gJQdHQsRsQ== -----END CERTIFICATE-----Generated at Tue Oct 21 01:57:33 2025 by rpki-client